<?php

/*
 CI Library Moneybookers_IPN. A set of functions to work with moneybookers payments.
 Written by: Ciprian Dimofte - 02-08-2010
 */

class MoneyBookers_IPN{
    public $CI;

    public function __construct(){
        $this->CI =& get_instance();
    }

    public function link($item){
        //Get the correct ref_by
        //If user is guest, than just take ref_by from the session otherwise just take it from the users table record corresponding to the user. 
        if($this->CI->user->user_id > 0){
            $ref_by = $this->CI->user->user_account['user_ref_by'];
        }else{
            $ref_by = $this->CI->session->userdata("ref_by");
        }
        
        //Create the temporary order for this user.
        $this->CI->db->query("
        INSERT INTO tmp_orders
        (
        user_id,
        ref_by,
        plan_id,
        paid_amount,
        date,
        ip,
        vendor,
        order_status
        )
        VALUES
        (
        '".$this->CI->user->user_id."',
        '".$ref_by."',
        '".$item['plan_id']."',
        '".$item['amount']."',
        '".time()."',
        '".$this->CI->input->ip_address()."',
        'MoneyBookers',
        '0'
        )
        ");
        $lastid = $this->CI->db->insert_id();

        $out  = '<form action="https://www.moneybookers.com/app/payment.pl" method="post" style="margin-bottom:0px; margin-top:0px;" name="mb">';
        $out .= '<input type="hidden" name="pay_to_email" value="'.$this->CI->settings->get_param('moneybookers_email').'" />';
        $out .= '<input type="hidden" name="detail1_description" value="Item Name:" />';
        $out .= '<input type="hidden" name="detail1_text" value="'.$item['name'].' membership" />';
        $out .= '<input type="hidden" name="detail2_description" value="Item Number:" />';
        $out .= '<input type="hidden" name="detail2_text" value="'.$item['number'].'" />';
        $out .= '<input type="hidden" name="status_url" value="'.$this->CI->config->item("base_url").'util/verify_payment/moneybookers/'.$item['type'].'" />';

        $out .= '<input type="hidden" name="return_url" value="'.$this->CI->config->item("base_url").'members/payment_complete" />';
        $out .= '<input type="hidden" name="cancel_url" value="'.$this->CI->config->item("base_url").'members/cancelled_payment" />';

        $out .= '<input type="hidden" name="merchant_fields" value="ip,item_name,item_number,order_id" />';
        $out .= '<input type="hidden" name="ip" value="'.$this->CI->input->ip_address().'" />';
        $out .= '<input type="hidden" name="item_number" value="'.$item['number'].'" />';
        $out .= '<input type="hidden" name="item_name" value="'.$item['name'].' membership" />';
        $out .= '<input type="hidden" name="order_id" value="' . $lastid . '" />';

        $out .= '<input type="hidden" name="currency" value="USD" />';
        $out .= '<input type="hidden" name="amount" value="'.$item['amount'].'" />';
        $out .= '<input type="hidden" name="confirmation_note" value="'.$item['note'].'" />';
        $out .= '<input type="submit" value="Pay with MoneyBookers">';
        $out .= '</form>';

        return $out;
    }

    public function verify($transaction){
        $md5_from_them = $this->CI->input->post("md5sig");

        $secret_word_computation = strtoupper(md5($this->CI->settings->get_param('moneybookers_secret_code')));
        $md5_from_us = strtoupper(md5($this->CI->input->post("merchant_id") . $this->CI->input->post("transaction_id") . $secret_word_computation . $this->CI->input->post("mb_amount") . $this->CI->input->post("mb_currency") . $this->CI->input->post("status")));

        // check that txn_id has not been previously processed
        $selEx = $this->CI->db->query("SELECT txn_id FROM transactions WHERE txn_id = ?", array($this->CI->input->post("transaction_id")));
        $resEx = $selEx->row();


        $order_id = $this->CI->input->post('order_id');

        $sel_order = $this->CI->db->query("
        SELECT * FROM tmp_orders
        WHERE
            ID = ?
        ", array($order_id));
        $res_order = $sel_order->row();

        $acct_info = $this->CI->utility->get_account_type_by_plan_id($res_order->plan_id);

        if($this->CI->input->post("item_number") == $acct_info->ID && $this->CI->input->post("mb_amount") == $res_order->amount_paid && !$resEx->txn_id && $md5_from_them == $md5_from_us && $this->CI->input->post("status") == 2){
            //Record the transaction here
            $this->CI->db->query("INSERT INTO transactions
                                                  (
                                                  user_id,
                                                  transaction_type,
                                                  transaction_amount,
                                                  transaction_description,
                                                  transaction_ip,
                                                  transaction_date,
                                                  txn_id
                                                  )
                                              VALUES
                                                  (
                                                  ".$this->CI->db->escape($res_order->user_id).",
                                                  ".$this->CI->db->escape($transaction['type']).",
                                                  ".$this->CI->db->escape($this->CI->input->post("mb_amount")).",
                                                  ".$this->CI->db->escape($this->CI->input->post("item_name") . " purchase").",
                                                  ".$this->CI->db->escape($this->CI->input->post("ip")).",
                                                  '".time()."',
                                                  ".$this->CI->db->escape($this->CI->input->post("transaction_id"))."
                                                  )
                                             ");

            $this->CI->db->query("
				        UPDATE tmp_orders SET order_status = '1'
				        WHERE
				            ID = '".$order_id."'
				        ");
            $out = array(
                "status"=>TRUE,
                "ip"=>$this->CI->input->post("ip"),
                "amount_paid"=>$this->CI->input->post("mb_amount"),
                "plan_id"=>$res_order->plan_id,
                "ref_by"=>$res_order->ref_by,
                "uid"=>$res_order->user_id
                );
            return $out;
        }else{
            return "INCOMPLETE PAYMENT";
        }
    }
}
?>